"What is the Keycloak MCP Server?"

"The Keycloak MCP Server is a tool that allows AI assistants and external clients to programmatically manage Keycloak users and realms. It provides automated interfaces for user creation, deletion, realm listing, and more, streamlining authentication workflows."

"Which Keycloak management operations are supported?"

"It supports creating users, deleting users, listing all realms, and listing users in a given realm—covering essential administration tasks."

"Can I use the Keycloak MCP Server with FlowHunt?"

"Yes, simply add the MCP component to your FlowHunt flow and configure the Keycloak MCP endpoint. Your AI agents will then be able to automate user and realm management tasks seamlessly."

"How should I secure my Keycloak admin credentials?"

"It’s strongly recommended to store sensitive information such as admin credentials in environment variables. Configure your MCP server to use these variables to enhance security and prevent accidental exposure."

"What are typical use cases for this server?"

"Automated user provisioning, bulk user management, realm administration, AI-driven authentication workflows, and enabling self-service user management portals for support teams or end-users."

Keycloak MCP Server

Automate Keycloak user and realm management in FlowHunt with the Keycloak MCP Server, streamlining authentication tasks via AI-powered interfaces.

What does “Keycloak” MCP Server do?

The Keycloak MCP (Model Context Protocol) Server is a specialized tool that enables AI-powered administration of Keycloak users and realms. Acting as a bridge between AI assistants and Keycloak, it allows external clients (like Claude Desktop and other MCP-compatible platforms) to automate user and realm management tasks. Through the MCP interface, developers can perform user creation, deletion, realm listing, and user listing operations seamlessly. This enhances development and DevOps workflows by allowing AI agents to interact programmatically with authentication and user management infrastructure, making routine administrative tasks more efficient and reducing manual overhead.

List of Prompts

No prompt templates are mentioned in the repository.

List of Resources

No explicit resources are documented in the repository.

List of Tools

create-user
Creates a new user in a specified realm.
Inputs: realm, username, email, firstName, lastName
delete-user
Deletes a user from a specified realm.
Inputs: realm, userId
list-realms
Lists all available Keycloak realms.
list-users
Lists all users in a specified realm.
Inputs: realm

Use Cases of this MCP Server

Automated User Provisioning
Developers or DevOps engineers can automate the creation of new users across different realms, reducing manual intervention and ensuring consistent onboarding processes.
Bulk User Management
Easily list or remove users in specific realms, making it suitable for managing large-scale environments with multiple user accounts.
Realm Administration
Quickly retrieve the list of all available realms, facilitating multi-tenant or multi-environment scenarios where management across realms is required.
Integration with AI Agents
Allow AI assistants to handle repetitive Keycloak administrative tasks, such as creating test users for QA or cleaning up demo environments after testing.
Self-Service Portals
Enable end-users or support teams to perform routine user management actions via AI interfaces, improving response times and reducing support workload.

How to set it up

Windsurf

Ensure Node.js is installed on your system.
Locate your Windsurf configuration file.

Add the Keycloak MCP Server using the following JSON snippet:

{
  "mcpServers": {
    "keycloak": {
      "command": "npx",
      "args": ["-y", "keycloak-model-context-protocol"],
      "env": {
        "KEYCLOAK_URL": "http://localhost:8080",
        "KEYCLOAK_ADMIN": "admin",
        "KEYCLOAK_ADMIN_PASSWORD": "admin"
      }
    }
  }
}

Save the configuration and restart Windsurf.
Verify the setup by checking if Windsurf can connect to the Keycloak MCP Server.

Claude

Ensure Node.js is installed.
Open your Claude Desktop configuration file.

Insert the following configuration under mcpServers:

{
  "mcpServers": {
    "keycloak": {
      "command": "npx",
      "args": ["-y", "keycloak-model-context-protocol"],
      "env": {
        "KEYCLOAK_URL": "http://localhost:8080",
        "KEYCLOAK_ADMIN": "admin",
        "KEYCLOAK_ADMIN_PASSWORD": "admin"
      }
    }
  }
}

Save the file and restart Claude Desktop.
Confirm connectivity to the Keycloak MCP Server.

Cursor

Make sure Node.js is set up.
Find and open the Cursor configuration file.

Add the Keycloak MCP Server details:

{
  "mcpServers": {
    "keycloak": {
      "command": "npx",
      "args": ["-y", "keycloak-model-context-protocol"],
      "env": {
        "KEYCLOAK_URL": "http://localhost:8080",
        "KEYCLOAK_ADMIN": "admin",
        "KEYCLOAK_ADMIN_PASSWORD": "admin"
      }
    }
  }
}

Save the configuration and restart Cursor.
Check for a successful connection.

Cline

Install Node.js if not already present.
Access the Cline configuration file.

Add the following MCP Server configuration:

{
  "mcpServers": {
    "keycloak": {
      "command": "npx",
      "args": ["-y", "keycloak-model-context-protocol"],
      "env": {
        "KEYCLOAK_URL": "http://localhost:8080",
        "KEYCLOAK_ADMIN": "admin",
        "KEYCLOAK_ADMIN_PASSWORD": "admin"
      }
    }
  }
}

Save changes and restart Cline.
Verify that Cline recognizes the Keycloak MCP Server.

Securing API Keys

It is recommended to use environment variables for sensitive information like admin credentials. Example configuration:

{
  "mcpServers": {
    "keycloak": {
      "command": "npx",
      "args": ["-y", "keycloak-model-context-protocol"],
      "env": {
        "KEYCLOAK_URL": "http://localhost:8080",
        "KEYCLOAK_ADMIN": "${KEYCLOAK_ADMIN}",
        "KEYCLOAK_ADMIN_PASSWORD": "${KEYCLOAK_ADMIN_PASSWORD}"
      }
    }
  }
}

Set the environment variables KEYCLOAK_ADMIN and KEYCLOAK_ADMIN_PASSWORD securely in your system before starting the application.

How to use this MCP inside flows

Using MCP in FlowHunt

To integrate MCP servers into your FlowHunt workflow, start by adding the MCP component to your flow and connecting it to your AI agent:

Click on the MCP component to open the configuration panel. In the system MCP configuration section, insert your MCP server details using this JSON format:

{
  "keycloak": {
    "transport": "streamable_http",
    "url": "https://yourmcpserver.example/pathtothemcp/url"
  }
}

Once configured, the AI agent is now able to use this MCP as a tool with access to all its functions and capabilities. Remember to change “keycloak” to whatever the actual name of your MCP server is and replace the URL with your own MCP server URL.

Overview

Section	Availability	Details/Notes
Overview	✅
List of Prompts	⛔	None found
List of Resources	⛔	None found
List of Tools	✅	User and realm management tools
Securing API Keys	✅	Uses env variables
Sampling Support (less important in evaluation)	⛔	Not mentioned

Based on the available documentation and features, the Keycloak MCP Server provides solid foundational tools for Keycloak administration, but lacks advanced MCP features like prompt templates, explicit resources, or sampling support. Its main value lies in straightforward user/realm management via AI interfaces.

MCP Score

Has a LICENSE	⛔
Has at least one tool	✅
Number of Forks	9
Number of Stars	22

Overall Rating:
I would rate this MCP server a 5/10. It offers essential, well-documented Keycloak administration tools but is missing advanced MCP features and has no LICENSE file, which limits its adoption and extensibility.

Frequently asked questions

What is the Keycloak MCP Server?: The Keycloak MCP Server is a tool that allows AI assistants and external clients to programmatically manage Keycloak users and realms. It provides automated interfaces for user creation, deletion, realm listing, and more, streamlining authentication workflows.
Which Keycloak management operations are supported?: It supports creating users, deleting users, listing all realms, and listing users in a given realm—covering essential administration tasks.
Can I use the Keycloak MCP Server with FlowHunt?: Yes, simply add the MCP component to your FlowHunt flow and configure the Keycloak MCP endpoint. Your AI agents will then be able to automate user and realm management tasks seamlessly.
How should I secure my Keycloak admin credentials?: It’s strongly recommended to store sensitive information such as admin credentials in environment variables. Configure your MCP server to use these variables to enhance security and prevent accidental exposure.
What are typical use cases for this server?: Automated user provisioning, bulk user management, realm administration, AI-driven authentication workflows, and enabling self-service user management portals for support teams or end-users.

Boost Keycloak Administration with FlowHunt's Keycloak MCP Server

Streamline user and realm management tasks with FlowHunt’s Keycloak MCP Server and let your AI agent handle routine authentication administration.

Get Started Book a Demo

Learn more

Kubernetes MCP Server Integration

The Kubernetes MCP Server bridges AI assistants and Kubernetes clusters, enabling AI-driven automation, resource management, and DevOps workflows through standa...

Jun 18, 2025 4 min read

AI Kubernetes +4

Kubernetes MCP Server

The Kubernetes MCP Server bridges AI assistants and Kubernetes/OpenShift clusters, enabling programmatic resource management, pod operations, and DevOps automat...

Jun 18, 2025 5 min read

Kubernetes MCP Server +4

Model Context Protocol (MCP) Server

The Model Context Protocol (MCP) Server bridges AI assistants with external data sources, APIs, and services, enabling streamlined integration of complex workfl...

Jun 18, 2025 3 min read

AI MCP +4